We are Onhealth, a trading name of On Medical Limited, and we are registered under the Companies Act, Reg. No. 05773924.
Our registered office is:
50-52 Heaton Road
Newcastle Upon Tyne
What is this privacy statement about?
To supply our customers with our services we need to use information about you, and some of that may be personal or private. For example, we may need to know your name and address, or details of how you would like to be contacted (e.g. your mobile phone number or email address).
What information do we collect about you?
The information we collect about you may vary based on what service we provide to you. Typically, we need details like:
We only collect information about you that we need to ensure you get the best service from us. We respect your privacy and we try to minimise what we do collect.
What is sensitive personal information?
This category of personal information is more sensitive and relates to, for example, a person’s physical or mental health, race or ethnic origin, political opinions, religious or philosophical beliefs, trade union memberships, their genetic or biometric data and sexual orientation.
We have in place additional measures to protect your sensitive personal information and its confidentiality. We will use your sensitive personal information in order to meet your requirements when arranging medical appointment(s) in relation to your clinical weight loss programme.
Why do we collect this information?
We collect your information where processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract with you to provide clinical weight loss programme services.
How do we collect information about you?
We collect the information we need directly from yourself.
Where absolutely necessary, we may occasionally collect information about you from other ‘third parties’ such as:
What do we do with the information we collect about you?
We use your information in various ways, such as to:
Who might we share your information with?
We appreciate that you have provided your information to us and may not want us to share it with other people or organisations, however sometimes it is necessary for us to do so.
We only share your information where we are permitted or required to by law, or where you have given us your consent to do so. We may share your information with, for example:
We are careful to minimise such sharing
Whenever we share your information we do everything we can to ensure it is protected from misuse or loss.
Although we are a UK company, we may sometimes share your information with an organisation, such as a contractor working on our behalf, who is outside the UK. Such companies may also be outside of Europe. We may do this, but we will only do so where we are permitted to by law.
How do we look after and secure your information?
When we use information about you we take all reasonable efforts to do so fairly and lawfully.
We think it likely that our clients know we use information about them, and we provide notices of such wherever we can.
We never use information about you unless it is lawful for us to do so and we have a clearly defined need or purpose.
When we collect information about you we ensure that we minimise what we collect. We try to collect enough accurate and up to date information to ensure we provide you with the service you require and no more.
We do not keep your information for longer than we need it, ensuring that the records we have about you are managed properly and deleted promptly and securely when they are no longer required.
We make every effort to ensure your rights towards your information, which we detail below.
We take appropriate care to secure the information we hold about you. We have robust technical security such as passwords and information encryption. We also have policies and procedures to ensure your information is only available to our employees who need to see it to do their job, and we train those employees on data protection appropriately.
Also, we establish robust procedures and contracts to extend these protections to any other person or organisation we may need to give your information to.
In everything we do with your information we aim to be fair, lawful, and open, and we take seriously our obligations towards your privacy and the protection of information we may hold about you.
On our websites
When you enter data onto secure areas of our websites, a Secure Socket Layer (SSL) is initiated. A SSL is a security device which ensures that any data which you enter is encrypted during transmission over the internet. Encryption means the data is encoded so that it is not legible until such time as we decode it.
No data transmission over the internet can ever be entirely secure. While we do our best to protect your personal information, we cannot guarantee its security and you must be aware of this when using our websites.
Our websites may contain links to other websites. If you follow a link to any of these websites, please note that these websites have their own Terms & Conditions and privacy policies and that we cannot accept responsibility for their content. This privacy statement applies only to our website.
Whilst we make every effort to ensure that our websites only include quality, safe and relevant external links, you are advised adopt a policy of caution before clicking any external web links mentioned throughout our websites.
We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note that they click on external links at their own risk and our website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social Media Platforms
Communication, engagement and actions taken through external social media platforms that our website participates on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
You are advised to use social media platforms wisely and communicate/engage upon them with due care and caution in regard to their own privacy and personal details. Our websites will never ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
Our website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. You are advised before using such social sharing buttons that you do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Shortened Links in Social Media
Our website, through our social media platform accounts, may share web links to relevant web pages. By default, some social media platforms shorten lengthy web addresses (URLs), (for example: http://goo.gl/XC61E3).
You are advised to take caution and good judgement before clicking any shortened URLs published on social media platforms via our website. Despite the best efforts to ensure only genuine URLs are published, many social media platforms are prone to spam and hacking and therefore our website cannot be held liable for any damages or implications caused by visiting any shortened links.
By email and phone
If you have contacted us by email, or provided an email address, we may use that to contact you if we need to.
You should also be aware that information conveyed by email could be deliberately or accidentally intercepted or corrupted. Whilst we make every effort to ensure that emails we send to you are free from viruses this cannot be guaranteed. We recommend that you scan all emails for viruses with appropriate and frequently updated virus checking software.
If you have given us your phone number (landline or mobile), we may use it to contact you if we need to, including sending texts. If you contact us, or we contact you, we also record your phone call, for security, compliance and training purposes.
Please let us know if your mobile phone number or email address changes so that we can keep this information up to date.
The Data Protection Act and General Data Protection Regulation (GDPR) grants you certain rights towards your personal information. We take all reasonable efforts to ensure we allow you to exercise those rights.
You have the right to see all the personal information we hold about you
We will handle routine enquiries as part of our usual customer service. If you want to see more of the information that we have about you, you can make a data subject access request.
You can write to us at:
Data Protection Team
50-52 Heaton Road
Newcastle Upon Tyne
We may reply to you where we need further information to help respond effectively to your request.
To ensure that we only provide your information to you and not someone else, you will need to provide us with two current forms of identification.
We provide your information free of charge. In the case of subsequent or excessive requests from you to provide your information, we may charge a reasonable fee based on administration costs (as we are allowed to by law). We will inform you if this fee is applicable.
Once we receive your written request, any clarifications, identification, and in the case of subsequent or excessive requests your administration fee, we will respond as soon as we can within 1 month.
You have the right to have your information corrected
We take all reasonable steps to ensure that the information we have about you is accurate and up to date.
If you think that what we have is not accurate or up to date, please tell us as soon as possible and we will ensure it is corrected with undue delay.
You have the right to stop us direct marketing to you
We are keen to promote our services and may make you aware of products that help with this. Also, from time to time we may tell you about other offers we think may interest you.
We may do this, or we may share your information with carefully selected partners who offer services or products that we think you may be interested in. Every time we contact you about such offers we will give you the opportunity not to hear about them anymore.
If you do not want to receive such offers at all, please let us know, by calling 0344 576 1679, or in writing to:
50-52 Heaton Road
Newcastle Upon Tyne
Also, we will not send you these offers by phone if you have registered with the Telephone Preference Service or by mail if you have registered with the Mailing Preference Service.
You have the right to stop us taking ‘automated decisions’ about you
We do not routinely use software to make automated decisions about you.
Onhealth and data protection
The Data Protection Act governs how we may use your personal information. We are registered under the Act and regulated by the Information Commissioner’s Office (ICO).
You can find our registration details here: On Medical Ltd, Registration Number: Z1097936
You can also find considerably more information about this on the ICO website or by contacting them at:
Information Commissioner’s Office
Changes to this statement
From time to time, we may amend this privacy statement to reflect changes in the law, guidance from the ICO, our experience of handling your information, or for other legitimate reasons. We will do this by posting the amended privacy statement on this website. We therefore suggest you check this statement from time to time to ensure you are aware of the latest version.
This policy was last reviewed on 20/11/2023
If you have any questions or ideas, please refer to the data protection team at Onhealth, who will be pleased to help you. You can contact the team:
Data Protection Team
Newcastle upon Tyne
Resources & Further Information